package cn.com.yusys.yusp.cmis.commons.web.filter;

import cn.com.yusys.yusp.commons.data.authority.DataAuthorityContext;
import cn.com.yusys.yusp.commons.data.authority.DataAuthorizationService;
import cn.com.yusys.yusp.commons.data.authority.UserInformation;
import cn.com.yusys.yusp.commons.data.authority.UserInformationService;
import cn.com.yusys.yusp.commons.redis.template.YuspRedisTemplate;
import cn.com.yusys.yusp.commons.util.ObjectMapperUtils;
import cn.com.yusys.yusp.commons.util.StringUtils;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.CollectionUtils;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:cn/com/yusys/yusp/cmis/commons/web/filter/CmisDataAuthorityWebFilter.class */
public class CmisDataAuthorityWebFilter implements Filter {
    private static final Logger LOGGER = LoggerFactory.getLogger(CmisDataAuthorityWebFilter.class);
    public static final String INIT_IGNORE_URLS_KEY = "ignoreUrls";
    public static final String ORG_TREE_KEY = "_orgTree";
    public static final String REDIS_ORG_LIST_KEY = "orgTree";
    public static final String REDIS_KEY_AREA_XW_USER = "areaXwUser";
    public static final String REDIS_KEY_AREA_XW_ORG = "areaXwOrg";
    public static final String REDIS_KEY_JZZY_USER = "jzzyUser";
    public static final String REDIS_KEY_ALL_XW_USER = "allXwUser";
    public static final String DATAAUTH_AREA_XW_USER_KEY = "_areaXwUser";
    public static final String DATAAUTH_AREA_XW_ORG_KEY = "_areaXwOrg";
    public static final String DATAAUTH_ALL_XW_USER_KEY = "_allXwUser";
    public static final String DATAAUTH_JZZY_USER_KEY = "_jzzyUser";
    private final YuspRedisTemplate yuspRedisTemplate;
    private final DataAuthorizationService dataAuthorizationService;
    private final UserInformationService userService;
    private final UrlPathHelper pathHelper = new UrlPathHelper();
    private final AntPathMatcher matcher = new AntPathMatcher();
    private List<String> ignoreUrls;

    public CmisDataAuthorityWebFilter(DataAuthorizationService dataAuthorizationService, UserInformationService userInformationService, YuspRedisTemplate yuspRedisTemplate) {
        this.dataAuthorizationService = dataAuthorizationService;
        this.userService = userInformationService;
        this.yuspRedisTemplate = yuspRedisTemplate;
    }

    public void init(FilterConfig filterConfig) {
        LOGGER.info("Create cmis access permission interceptor!");
        if (null == filterConfig.getInitParameter(INIT_IGNORE_URLS_KEY)) {
            return;
        }
        this.ignoreUrls = Collections.unmodifiableList((List) Arrays.asList(filterConfig.getInitParameter(INIT_IGNORE_URLS_KEY).split(",")).parallelStream().filter((v0) -> {
            return Objects.nonNull(v0);
        }).map((v0) -> {
            return v0.trim();
        }).collect(Collectors.toList()));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String method = httpServletRequest.getMethod();
        String lookupPathForRequest = this.pathHelper.getLookupPathForRequest(httpServletRequest);
        boolean z = true;
        if (null != this.ignoreUrls && !this.ignoreUrls.isEmpty()) {
            z = !this.ignoreUrls.parallelStream().anyMatch(str -> {
                return this.matcher.match(str, lookupPathForRequest);
            });
        }
        if (z) {
            UserInformation userInformation = this.userService.getUserInformation();
            if (!Objects.nonNull(userInformation) || userInformation.getUserId() == null) {
                LOGGER.debug("The current request API[{}] does not obtain information about the logged in user", lookupPathForRequest);
            } else {
                List matching = this.dataAuthorizationService.matching(lookupPathForRequest, method, userInformation.getUserId());
                if (!Objects.nonNull(matching) || matching.isEmpty()) {
                    LOGGER.debug("The current request API[{}], The login user[{}] is not configured with the corresponding data authorization information", lookupPathForRequest, userInformation.getUserId());
                } else {
                    addUserInformationToContext(userInformation);
                }
            }
        }
        try {
            filterChain.doFilter(servletRequest, servletResponse);
            DataAuthorityContext.getCurrentContext().unset();
        } catch (Throwable th) {
            DataAuthorityContext.getCurrentContext().unset();
            throw th;
        }
    }

    private void addUserInformationToContext(UserInformation userInformation) {
        List organizationIds = userInformation.getOrganizationIds();
        if (!CollectionUtils.isEmpty(organizationIds)) {
            Object hget = this.yuspRedisTemplate.hget(REDIS_ORG_LIST_KEY, (String) organizationIds.get(0));
            if (Objects.nonNull(hget)) {
                DataAuthorityContext.getCurrentContext().set(ORG_TREE_KEY, (List) ObjectMapperUtils.instance().convertValue(hget, List.class));
            }
        }
        String userId = userInformation.getUserId();
        if (StringUtils.nonBlank(userId)) {
            Object hget2 = this.yuspRedisTemplate.hget(REDIS_KEY_AREA_XW_USER, userId);
            if (Objects.nonNull(hget2)) {
                DataAuthorityContext.getCurrentContext().set(DATAAUTH_AREA_XW_USER_KEY, (List) ObjectMapperUtils.instance().convertValue(hget2, List.class));
            }
            Object hget3 = this.yuspRedisTemplate.hget(REDIS_KEY_AREA_XW_ORG, userId);
            if (Objects.nonNull(hget3)) {
                DataAuthorityContext.getCurrentContext().set(DATAAUTH_AREA_XW_ORG_KEY, (List) ObjectMapperUtils.instance().convertValue(hget3, List.class));
            }
            Object hget4 = this.yuspRedisTemplate.hget(REDIS_KEY_ALL_XW_USER, userId);
            if (Objects.nonNull(hget4)) {
                DataAuthorityContext.getCurrentContext().set(DATAAUTH_ALL_XW_USER_KEY, (List) ObjectMapperUtils.instance().convertValue(hget4, List.class));
            }
            Object hget5 = this.yuspRedisTemplate.hget(REDIS_KEY_JZZY_USER, userId);
            if (Objects.nonNull(hget5)) {
                DataAuthorityContext.getCurrentContext().set(DATAAUTH_JZZY_USER_KEY, (List) ObjectMapperUtils.instance().convertValue(hget5, List.class));
            }
        }
    }
}
